The value of biometric data is that it is impervious to abuse and falsification; it enables HR Professionals to accurately monitor employee attendance and ensure buildings are accessed only by authorized personnel. It is easy to operate and reduces administrative time.
Biometric data includes measurable human biological or behavioral characteristics that can be used for identification. It includes fingerprints, voiceprint, retina or iris scans, and scans of hands or face geometry. In the work environment, a common example includes the use of employee fingerprints to access facilities or clock in and out through timekeeping systems. Buddy punching is a common wage theft problem when coworkers clock in for an employee who is not at work. The American Payroll Association estimates that 75% of all businesses lose money due to buddy punching.
Healthcare has incorporated the use of biometric data. In some hospitals, physicians access electronic health data via a finger or iris scanning biometrics security system. Biometrics technology can be used for patient registration and identification to ensure that medical records are properly associated with each patient. This technology can be especially helpful to identify a child and link to the appropriate medical record, especially when a child is not able to communicate.
The use of biometric data is becoming more common and laws are continuing to develop to provide more guidance to employers about proper ways to collect, store, and use the data. Illinois was the first state to develop legislation by passing the Biometrics Information Privacy Act (BIPA). The Act seeks to protect individual privacy and requires employers to adopt policies regarding biometric data collection and retention, obtain consent before collecting biometric data, and take steps to securely store and protect from disclosure any biometric information that is collected. It is only in limited circumstances that an employer is able to disclose biometric information; an employer may not sell, lease, trade, or profit from any individual’s biometric information. Recently (1/25/19), the Supreme Court of Illinois decided that private entities can be held liable for monetary damages for technical violations of BIPA. Numerous entities (including hotels and hospitals) have been sued for technical violations with damages awarded to each technical violation. The penalties of BIPA can range from $1,000 to $5,000 per violation and include attorney fees.
Since 2008 when Illinois passed BIPA, both Washington and Texas passed similar laws, however, BIPA remains the only law that allows private individuals to file a lawsuit for damages stemming from a violation. Other states considering laws on biometric data include New York, Montana, Idaho, California, Alaska, Connecticut, New Hampshire, and Massachusetts.
In order to ensure that your company is compliant, it is important to review any applicable state and federal laws related to handling employee biometric information. Obligations extend beyond employee information and include the handling of client or third-party biometric information. These steps are important even if your state has not passed laws that affect the organization’s use of biometric data.
WageWatch offers accurate, up-to-date benefit surveys, salary surveys and pay practices data that will allow you to stay current with the times. This information is highly beneficial in creating the best salary and benefits packages that meet or rival the industry standards. For more information on our services, please call WageWatch at 888-330-9243 or contact us online.